From patchwork Sat Feb 3 00:09:16 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 13543872 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 46444C4828F for ; Sat, 3 Feb 2024 05:33:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:Reply-To:List-Subscribe:List-Help: List-Post:List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:Message-ID :References:Mime-Version:In-Reply-To:Date:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=FFRWOZpGWfPmkvNAVBYUtHGaDltzW1njEvDUIa4JdGo=; b=RcIQ2eSuIO54c9 xJwFCUM0Drsxh7omYv6AWk16b3HF9VrcGeNcEjt0+sW2+GoXM7lB/Id3PUPnVgck9rAowxHiSCM8+ QP838Dga1rldeM+WKOsFjAvK84sQ/JN32PYNK+LNd+ygUkGFrQILtyIw2ZWzlp3VJgqwf9RYJ9/ey +Qz6NwNw/3wh4jdi9zKe+u3SqJQ3w4eUx0YY1c4cbSotgKKiyig3lh9x29jKqEQmizfjhk0HnUUbK OqAb+vHEbUvHxL6jodhfrhxw663tmEW1qFhb4QeM6U5W3//TeP5Jv45VSi9gLM14pJzidst1vgNJl wWwvK3NE6aKk9DgKWRzQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rW8ep-0000000FP7S-1YVK; Sat, 03 Feb 2024 05:33:39 +0000 Received: from desiato.infradead.org ([2001:8b0:10b:1:d65d:64ff:fe57:4e05]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rW3bf-0000000Dt5Q-12Yq for linux-arm-kernel@bombadil.infradead.org; Sat, 03 Feb 2024 00:10:03 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=desiato.20200630; h=Content-Type:Cc:To:From:Subject: Message-ID:References:Mime-Version:In-Reply-To:Date:Reply-To:Sender: Content-Transfer-Encoding:Content-ID:Content-Description; bh=VzhuhwHBOVTPe3ek7qdXtFf4wVMa0yBW9i03fvIkD6g=; b=hTiWRomldq7Rzm/XsnIw7E2mhz qtoXE0ZoUQOtRo5PVXuRJKwEsHlcFgAbhG8+P5dpCBieeFViykZQTQkgXAuNKSTOx+SK/8VENpksp p5SeGIp0/Nlega2VeGvMy9khLmkGHle6r/mbJMlbwSlU4BP9H6eRcxB6uwk7G0Mm5+wdO5HpZNi3f DHhmC0ie0WB0XSEnsxE1J3OF/CKwIqf+zHdJK5YGD+U0F3LlatJmEBylmSPwvZ/V3sCEwoFcoxztW N8U0bn6Jof9Rgm5PeRwiyJ57nsirWk62/uuN4vC7+xquw/ZmBW/eDRb/HjuvOMYywASfRy9cBltrN WAZCa34w==; Received: from mail-pl1-x64a.google.com ([2607:f8b0:4864:20::64a]) by desiato.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rW3bV-0000000AL1W-0DJw for linux-arm-kernel@lists.infradead.org; Sat, 03 Feb 2024 00:09:56 +0000 Received: by mail-pl1-x64a.google.com with SMTP id d9443c01a7336-1d968aebbd1so17556135ad.1 for ; Fri, 02 Feb 2024 16:09:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1706918981; x=1707523781; darn=lists.infradead.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=VzhuhwHBOVTPe3ek7qdXtFf4wVMa0yBW9i03fvIkD6g=; b=iChnUukdJGoSHjzVu5DwZOMOVWhIzOEt6DOXlDAlat9wHHmiDRto5fxhVwi1wwwmpW U/VahC18KLaMXUmFU+/aMPunh/JEem6/brseQMLkxmusYD5xEeyNanlx68/3+9apUUTa H/ulFDk4PUEPtTKMMBT0lWNs8/QZGM0YSad5aQGL1jbk5A/qweVD8yapi6ow09XDvegO GTsf9/ZS3iMnQ+8tSx8Osqtbuih8G5zIvYYSXXiFLKnFrI+ensSqx6eaUZRWerKdJh+b 5khy2NDTIJveWxLHCBvNZhxNpbzekHpWBZPluxF0By7gUrJkm1we2VBHRc8i/dcPCn6Y lF9w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706918981; x=1707523781; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=VzhuhwHBOVTPe3ek7qdXtFf4wVMa0yBW9i03fvIkD6g=; b=T3ARW+HYo/jfaeRllx2EPNbTbryOIJlu9gxWAAsTIbPHGq6IYoNadQko1HNakwTi9U ibJd0PuDSACrPZEtF50TbE67f9dh0w4RP8Lq3e+1RB6+7Cdlu8QQL5pcxGTZa16RXiqH ABlGJJIqjVoUPsdlCPD58ynQ+00zxPRYkqmUMQoeg/yp1ds83sRvgg8C3O50NnY94UIL lr1KSkUkcn4F1k1Oc7oSLOI1XZHXJatspuy0Kx8UBkcWohM7PnGOu+8NYhU4rXbROn4e 5BBjVkCiGdwhPY8w4AqsQiNisIBbk8IweyqHHi8keTLUxKg3USNxrRL0wg0FIhKXSTtd tQ8w== X-Gm-Message-State: AOJu0YyHezXJyqVUXeT/qhXhoXbkC+n/tzkw8GXePLfnl6s0OCDxP07W I1oflbEyjjcpVljdskv9Ya9QL1l8XyqiyH8WOoEaNxXWqkTEnWtSZ4DLCiSEo8vVw1yf/YWt8Uh GLg== X-Google-Smtp-Source: AGHT+IFdVzXVjWcXSdnVu4txbSAxtL7z3o5BSMoU53EUfpfZ3637JRMu4aCEDmVPmG/jpu55q3noR5dZ8rg= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:902:e741:b0:1d9:1ca3:1883 with SMTP id p1-20020a170902e74100b001d91ca31883mr51751plf.5.1706918980700; Fri, 02 Feb 2024 16:09:40 -0800 (PST) Date: Fri, 2 Feb 2024 16:09:16 -0800 In-Reply-To: <20240203000917.376631-1-seanjc@google.com> Mime-Version: 1.0 References: <20240203000917.376631-1-seanjc@google.com> X-Mailer: git-send-email 2.43.0.594.gd9cf4e227d-goog Message-ID: <20240203000917.376631-11-seanjc@google.com> Subject: [PATCH v8 10/10] KVM: selftests: Add a basic SEV smoke test From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Anup Patel , Paul Walmsley , Palmer Dabbelt , Albert Ou , Christian Borntraeger , Janosch Frank , Claudio Imbrenda , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, kvm-riscv@lists.infradead.org, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, Vishal Annapurve , Ackerley Tng , Andrew Jones , Tom Lendacky , Michael Roth , Peter Gonda X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240203_000954_704929_74547138 X-CRM114-Status: GOOD ( 14.36 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Sean Christopherson Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org From: Peter Gonda Add a basic smoke test for SEV guests to verify that KVM can launch an SEV guest and run a few instructions without exploding. To verify that SEV is indeed enabled, assert that SEV is reported as enabled in MSR_AMD64_SEV, a.k.a. SEV_STATUS, which cannot be intercepted by KVM (architecturally enforced). Cc: Paolo Bonzini Cc: Sean Christopherson Cc: Vishal Annapurve Cc: Ackerly Tng cc: Andrew Jones Cc: Tom Lendacky Cc: Michael Roth Suggested-by: Michael Roth Signed-off-by: Peter Gonda [sean: rename to "sev_smoke_test"] Signed-off-by: Sean Christopherson --- tools/testing/selftests/kvm/Makefile | 1 + .../selftests/kvm/x86_64/sev_smoke_test.c | 58 +++++++++++++++++++ 2 files changed, 59 insertions(+) create mode 100644 tools/testing/selftests/kvm/x86_64/sev_smoke_test.c diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests/kvm/Makefile index 169b6ee8f733..da20e6bb43ed 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -120,6 +120,7 @@ TEST_GEN_PROGS_x86_64 += x86_64/vmx_pmu_caps_test TEST_GEN_PROGS_x86_64 += x86_64/xen_shinfo_test TEST_GEN_PROGS_x86_64 += x86_64/xen_vmcall_test TEST_GEN_PROGS_x86_64 += x86_64/sev_migrate_tests +TEST_GEN_PROGS_x86_64 += x86_64/sev_smoke_test TEST_GEN_PROGS_x86_64 += x86_64/amx_test TEST_GEN_PROGS_x86_64 += x86_64/max_vcpuid_cap_test TEST_GEN_PROGS_x86_64 += x86_64/triple_fault_event_test diff --git a/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c b/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c new file mode 100644 index 000000000000..c1534efab2be --- /dev/null +++ b/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c @@ -0,0 +1,58 @@ +// SPDX-License-Identifier: GPL-2.0-only +#include +#include +#include +#include +#include + +#include "test_util.h" +#include "kvm_util.h" +#include "processor.h" +#include "svm_util.h" +#include "linux/psp-sev.h" +#include "sev.h" + +static void guest_sev_code(void) +{ + GUEST_ASSERT(this_cpu_has(X86_FEATURE_SEV)); + GUEST_ASSERT(rdmsr(MSR_AMD64_SEV) & MSR_AMD64_SEV_ENABLED); + + GUEST_DONE(); +} + +static void test_sev(void *guest_code, uint64_t policy) +{ + struct kvm_vcpu *vcpu; + struct kvm_vm *vm; + struct ucall uc; + + vm = vm_sev_create_with_one_vcpu(policy, guest_code, &vcpu); + + for (;;) { + vcpu_run(vcpu); + + switch (get_ucall(vcpu, &uc)) { + case UCALL_SYNC: + continue; + case UCALL_DONE: + return; + case UCALL_ABORT: + REPORT_GUEST_ASSERT(uc); + default: + TEST_FAIL("Unexpected exit: %s", + exit_reason_str(vcpu->run->exit_reason)); + } + } + + kvm_vm_free(vm); +} + +int main(int argc, char *argv[]) +{ + TEST_REQUIRE(is_kvm_sev_supported()); + + test_sev(guest_sev_code, SEV_POLICY_NO_DBG); + test_sev(guest_sev_code, 0); + + return 0; +}